The script will be applied on a Windows 2008 R2 server.
Original statement
reg add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa" /v RestrictAnonymous /t REG_DWORD /d 1 /f
What I want to accomplish before applying this script is:
1. Query each key to check if key exists with the correct data
2. If key and correct data exist, no action needed
3. If neither key nor data exists, redirect output to file
a. I would like for the result to be displayed along with the registry key that does not match
The redirected output for the non-matching registry keys will be the ones I will manually review.
The following represents my attempts to derive the data I am requesting. I have applied many different switches (/f /d | (pipe) with findstr) and redirections in many different ways, all with no luck. I also reviewed the reg compare command but it is not applicable because I am not using another client to compare the registry against. For some reason, I cannot get any combinations of switches and commands to work as desired. If I get the desired output, the findstr is not validating correctly. Or, if the findstr validates correctly, the output does not show. The findstr results seem to be the logical statement but the results are not validating correctly, ex.:
>> C:\Users\AIODUDE\Documents\results.csv reg query "HKLM\Software\_reg_test" /v STIG_test | findstr /E "0"
if %ERRORLEVEL% EQU 0 echo I match >> C:\Users\AIODUDE\Documents\results.csv
if %ERRORLEVEL% NEQ 0 echo No match >> C:\Users\AIODUDE\Documents\results2.csv
Remember, this script has about 200-300 registry add statements.
::all reg add keys are only set to do not read during testing
::reg add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa" /v RestrictAnonymous /t REG_DWORD /d 1 /f
reg query "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa" /v RestrictAnonymous > D:\results.csv
if %ERRORLEVEL% EQU 0 echo I match >> D:\results.csv
if %ERRORLEVEL% NEQ 0 echo No match >> D:\results.csv
::reg add "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog\Setup" /v MaxSize /t REG_DWORD /d 32768 /f
reg query "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog\Setup" /v MaxSize >> D:\results.csv
if %ERRORLEVEL% EQU 0 echo I match >> D:\results.csv
if %ERRORLEVEL% NEQ 0 echo No match >> D:\results.csv
::reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer" /v AlwaysInstallElevated /t REG_DWORD /d 0 /f
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer" /v AlwaysInstallElevated >> D:\results.csv
if %ERRORLEVEL% EQU 0 echo I match >> D:\results.csv
if %ERRORLEVEL% NEQ 0 echo No match >> D:\results.csv
pause
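An added example, not part of the original post: reg query returns errorlevel 0 whenever the value exists, whatever its data, and it prints REG_DWORD data in hex (32768 appears as 0x8000), so the audit has to parse the data and compare it numerically. The subroutine name :CheckDword, the report file name and the CSV layout are assumptions; value names are assumed to contain no spaces, as in the three entries above.

```batch
@echo off
setlocal EnableDelayedExpansion
rem Audit only: nothing is written to the registry.
rem Report location is an assumption (same folder as this script).
set "REPORT=%~dp0reg_mismatch.csv"
>"%REPORT%" echo Key,Value,Expected,Actual

rem One line per setting: key, value name, expected data in decimal.
call :CheckDword "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa" RestrictAnonymous 1
call :CheckDword "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog\Setup" MaxSize 32768
call :CheckDword "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer" AlwaysInstallElevated 0

echo Mismatches, if any, are listed in "%REPORT%"
endlocal
exit /b 0

:CheckDword
rem %1 = key, %2 = value name, %3 = expected data (decimal)
rem "MISSING" stays in place when the key or the value does not exist.
set "actual=MISSING"
for /f "tokens=1,2,*" %%A in ('reg query "%~1" /v "%~2" 2^>nul') do (
    rem Only the value line starts with the value name; the key line is skipped.
    if /i "%%A"=="%~2" (
        rem set /a converts the hex text (0x8000) to decimal (32768).
        rem It is 32-bit signed arithmetic, so this suits data up to 2147483647.
        if /i "%%B"=="REG_DWORD" (set /a "actual=%%C") else (set "actual=%%B %%C")
    )
)
rem Matching data: no action and no output.
if "!actual!"=="%~3" exit /b 0
rem Redirection is placed first so a trailing digit is not read as a handle number.
>>"%REPORT%" echo %~1,%~2,%~3,!actual!
exit /b 1
```

Each of the 200-300 reg add statements becomes one call line, and only the non-matching or missing entries end up in the report for manual review.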